Patents Assigned to Foundry Networks, Inc.
  • Publication number: 20100046521
    Abstract: The present invention provides systems and methods for providing data transmission speeds at or in excess of 10 gigabits per second between one or more source devices and one or more destination devices. According to one embodiment, the system of the present invention comprises a first and second media access control (MAC) interfaces to facilitate receipt and transmission of packets over an associated set of physical interfaces. The system also contemplates a first and second field programmable gate arrays (FPGA) coupled to the MAC interfaces and an associated first and second memory structures, the first and second FPGAs are configured to perform initial processing of packets received from the first and second MAC interfaces and to schedule the transmission of packets to the first and second MAC interface for transmission to one or more destination devices. The first and second FPGAs are further operative to dispatch and retrieve packets to and from the first and second memory structures.
    Type: Application
    Filed: October 29, 2009
    Publication date: February 25, 2010
    Applicant: Foundry Networks, Inc.
    Inventor: Yuen Fai Wong
  • Publication number: 20100034215
    Abstract: A backplane interface adapter with error control and redundant fabric for a high-performance network switch. The error control may be provided by an administrative module that includes a level monitor, a stripe synchronization error detector, a flow controller, and a control character presence tracker. The redundant fabric transceiver of the backplane interface adapter improves the adapter's ability to properly and consistently receive narrow input cells carrying packets of data and output wide striped cells to a switching fabric.
    Type: Application
    Filed: July 17, 2009
    Publication date: February 11, 2010
    Applicant: Foundry Networks, Inc.
    Inventors: Ronak Patel, Ming G. Wong, Yu-mei Lin, Andrew Chang, Yuen Fai A. Wong
  • Patent number: 7657703
    Abstract: The number of content addressable memory (CAM) lookups is reduced from two to one. Each side (left and right sides) of a CAM is programmed with network addresses, such as IP addresses, based on certain bits of the network addresses. These bits of the network addresses (which represent packet routes) are examined and used to determine whether the particular network address is to be placed on the left or right sides of the CAM. The grouping of certain network addresses either on the left or right sides of the CAM can be performed by examining an individual bit of each network address, by performing an exclusive OR (XOR) operation on a plurality of bits of each network address, and/or by searching for bit patterns of the network address in a decision table. Network addresses that cannot be readily assigned to a particular side of the CAM using these grouping techniques are programmed into both sides of the CAM.
    Type: Grant
    Filed: April 28, 2005
    Date of Patent: February 2, 2010
    Assignee: Foundry Networks, Inc.
    Inventor: Ram Dular Singh
  • Patent number: 7657629
    Abstract: A global server load-balancing (GSLB) switch serves as a proxy to an authoritative DNS and communicates with numerous site switches that are coupled to host servers serving specific applications. The GSLB switch receives from site switches operational information regarding host servers within the site switches neighborhood. When a client program requests a resolution of a host name, the GSLB switch, acting as a proxy of an authoritative DNS, returns one or more ordered IP addresses for the host name. The IP addresses are ordered using metrics that include the information collected from the site switches or based on other metric information. Examples of metrics include weighted site, weighted IP, and active bindings metrics. The GSLB switch places the address that is deemed “best” at the top of the list.
    Type: Grant
    Filed: February 28, 2003
    Date of Patent: February 2, 2010
    Assignee: Foundry Networks, Inc.
    Inventor: Sunanda L. Kommula
  • Publication number: 20100023618
    Abstract: The method of the present invention comprises initiating a connection to a port on an access device by a supplicant and associating supplicant identification information with the port. The access device may comprise any network connectivity device, including a wireless access point. Data packets transmitted over the port by the supplicant are statistically sampled as they are transmitted, with each of the sample data packets also associated with the supplicant identification information. The sample data packets are stored according to their associated supplicant identification information in order to perform accounting. The sample data packets, with the supplicant identification information, are sent to a network management system where the data is archived and presented in a human readable form, e.g., charts, etc.
    Type: Application
    Filed: July 28, 2009
    Publication date: January 28, 2010
    Applicant: Foundry Networks, Inc.
    Inventors: Sunil P. Chitnis, Bhimaraju Prasad
  • Patent number: 7649885
    Abstract: According to an embodiment of the invention, a network device such as a router or switch provides efficient data packet handling capability. The network device includes one or more input ports for receiving data packets to be routed, as well as one or more output ports for transmitting data packets. The network device includes an integrated port controller integrated circuit for routing packets. The integrated circuit includes an interface circuit, a received packets circuit, a buffer manager circuit for receiving data packets from the received packets circuit and transmitting data packets in one or more buffers and reading data packets from the one or more buffers. The integrated circuit also includes a rate shaper counter for storing credit for a traffic class, so that the integrated circuit can support input and/or output rate shaping.
    Type: Grant
    Filed: May 6, 2002
    Date of Patent: January 19, 2010
    Assignee: Foundry Networks, Inc.
    Inventors: Ian Edward Davis, Jeffrey A. Prince, Ronak Patel
  • Publication number: 20100011120
    Abstract: Canonical name (CNAME) handling is performed in a system configured for global server load balancing (GSLB), which orders IP addresses into a list based on a set of performance metrics. When the GSLB switch receives a reply from an authoritative DNS server, the GSLB switch scans the reply for CNAME records. If a CNAME record is detected and it points to a host name configured for GSLB, then a GSLB algorithm is applied to the reply. This involves identifying the host name (pointed to by the CNAME record) in the reply and applying the metrics to the list of returned IP addresses corresponding to that host name, to reorder the list to place the “best” IP address at the top. If the CNAME record in the reply points to a host name that is not configured for GSLB, then the GSLB sends the reply unaltered to the inquiring client.
    Type: Application
    Filed: July 20, 2009
    Publication date: January 14, 2010
    Applicant: FOUNDRY NETWORKS, INC.
    Inventor: Sunanda Lakshmi Kommula
  • Publication number: 20100011126
    Abstract: A global server load balancing (GSLB) switch serves as a proxy to an authoritative DNS communicates with numerous site switches which are coupled to host servers serving specific applications. The GSLB switch receives from site switches operational information regarding host servers within the site switches neighborhood. When a client program requests a resolution of a host name, the GSLB switch, acting as a proxy of an authoritative DNS, returns one or more ordered IP addresses for the host name. The IP addresses are ordered using metrics that include the information collected from the site switches. In one instance, the GSLB switch places the address that is deemed “best” at the top of the list.
    Type: Application
    Filed: July 1, 2009
    Publication date: January 14, 2010
    Applicant: Foundry Networks, Inc.
    Inventors: Ivy Pei-Shan Hsu, David Chun-Ying Cheung, Rajkumar Ramniranjan Jalan
  • Publication number: 20100010991
    Abstract: In a network, a user can configure host-level policies usable for load balancing traffic to servers of a domain. A global server load balancing (GSLB) switch provides load balancing to the servers, and is configured with the GSLB host-level policies. Users can define a host-level policy (alternatively or additionally to a globally applied GSLB policy) and apply the host-level policy to hosts in domains configured on the GSLB switch. Thus, the user can enable different policies for different hosts. This allows the user to have the flexibility to control metrics used for selection of a best address for querying clients, as well as the metric order and additional parameters used in the GSLB process, at the host level.
    Type: Application
    Filed: July 20, 2009
    Publication date: January 14, 2010
    Applicant: FOUNDRY NETWORKS, INC.
    Inventor: Prajakta S. Joshi
  • Patent number: 7647427
    Abstract: Stateful failover redundancy support is provided for network address translation (NAT). A master NAT device is backed-up with at least one back-up NAT device. Existing sessions are synchronized between the two NAT devices, such as via a dedicated link between them. In the event of a failover where the master NAT device is unable to perform its NAT functions, ownership of Internet protocol (IP) addresses is transferred from the master NAT device to the back-up NAT device. The back-up NAT device, which is now owner of the IP addresses, assumes the NAT functionality associated with these IP addresses and continues the existing sessions, as well as processing new sessions.
    Type: Grant
    Filed: October 18, 2002
    Date of Patent: January 12, 2010
    Assignee: Foundry Networks, Inc.
    Inventor: Sridhar J. Devarapalli
  • Patent number: 7639608
    Abstract: Solutions are provided that allow a network device to apply flow control on the MAC layer while taking into account the priority of the frame of traffic. This may be accomplished by generating a frame indicating that traffic flow should be paused, while utilizing a new opcode value, or alternatively by utilizing a new type/length value (possibly combined with a new opcode value). A receiving device may then examine the fields of the frame to determine whether it should it should use priority-based pausing, and then examine other fields to determine which priority-levels to pause and for how long. This allows for improved efficiency in flow control on the MAC layer.
    Type: Grant
    Filed: October 23, 2003
    Date of Patent: December 29, 2009
    Assignee: Foundry Networks, Inc.
    Inventors: Nitin Jain, Rajkumar Jalan
  • Patent number: 7636369
    Abstract: The present invention provides systems and methods for providing data transmission speeds at or in excess of 10 gigabits per second between one or more source devices and one or more destination devices. According to one embodiment, the system of the present invention comprises a first and second media access control (MAC) interfaces to facilitate receipt and transmission of packets over an associated set of physical interfaces. The system also contemplates a first and second field programmable gate arrays (FPGA) coupled to the MAC interfaces and an associated first and second memory structures, the first and second FPGAs are configured to perform initial processing of packets received from the first and second MAC interfaces and to schedule the transmission of packets to the first and second MAC interface for transmission to one or more destination devices. The first and second FPGAs are further operative to dispatch and retrieve packets to and from the first and second memory structures.
    Type: Grant
    Filed: November 29, 2004
    Date of Patent: December 22, 2009
    Assignee: Foundry Networks, Inc.
    Inventor: Yuen Fai Wong
  • Publication number: 20090307773
    Abstract: A system and method that provides for copying ARP replies, and generating data packets which include the ARP reply, and other information such as an identification of the port on the ARP reply was received. These data packets are then transmitted to an ARP collector which stores the ARP reply and port information. The ARP collector then uses this stored information, and analyzes future data packets relative to the stored information to detect occurrences of ARP spoofing. The ARP collector further provides for generating alerts and taking security actions when ARP reply spoofing is detected.
    Type: Application
    Filed: June 4, 2009
    Publication date: December 10, 2009
    Applicant: Foundry Networks, Inc.
    Inventor: Philip Kwan
  • Patent number: 7631201
    Abstract: A method of allocating power to ports in an Ethernet switch, including: (1) determining the available capacity of a power pool used to supply the ports, (2) assigning a configuration power to each of the ports, (3) selecting a port to be enabled, (4) determining whether the available capacity of the power pool exceeds the configuration power assigned to the selected port, and, if the available capacity of the power pool exceeds the configuration power assigned to the selected port, then (4) subtracting the configuration power assigned to the selected port from the available capacity of the power pool, (5) enabling and powering the selected port and simultaneously detecting whether the selected port is connected to a powered device, and (6) adding the configuration power assigned to the selected port to the available capacity of the power pool if the port is not connected to a powered device.
    Type: Grant
    Filed: May 25, 2006
    Date of Patent: December 8, 2009
    Assignee: Foundry Networks, Inc.
    Inventor: Rakesh Hansalia
  • Publication number: 20090299791
    Abstract: Licensed connections to network resources or services, such as servers or applications, are managed, including setting, limiting, monitoring, enforcing, recording, reporting, or otherwise managing licenses across multiple network resources. Real-time information that tracks license usage is logged. Reporting features are provided to allow a system administrator, vendor, network operator, or other entity to access the log information to determine license usage and compliance. Layer 7 information is used for determining distribution of licensed connections, including an implementation where connection to mail servers is distributed according to username. License management may be performed with or without using load-balancing technology.
    Type: Application
    Filed: June 25, 2003
    Publication date: December 3, 2009
    Applicant: Foundry Networks, Inc.
    Inventors: Victor R. Blake, Ritesh Rekhi
  • Publication number: 20090300759
    Abstract: Techniques for detecting and responding to attacks on computer and network systems including denial-of-service (DoS) attacks. A packet is classified as potentially being an attack packet if it matches an access control list (ACL) specifying one or more conditions. One or more actions may be performed responsive to packets identified as potential attack packets. These actions may include dropping packets identified as potential attack packets for a period of time, rate limiting a port over which the potential attack packets are received for a period of time, and other actions.
    Type: Application
    Filed: December 26, 2006
    Publication date: December 3, 2009
    Applicant: Foundry Networks, Inc.
    Inventors: Sheng-Yih Wang, Ron Talmor
  • Publication number: 20090296565
    Abstract: Systems and methods are described for providing network route redundancy through Layer 2 devices, such as a loop free Layer 2 network having a plurality of switching devices. A virtual switch is coupled to the loop free Layer 2 network, the virtual switch having two or more switches configured to transition between master and backup modes to provide redundant support for the loop free Layer 2 network, the switches communicating their status through use of a plurality of redundancy control packets. The system also includes means for allowing the redundancy control packets to be flooded through the Layer 2 network. The means may include time-to-live data attached to the redundancy control packet which is decremented only when the packets are transferred through devices which are configured to recognize the protocol used in redundancy control packets.
    Type: Application
    Filed: June 2, 2009
    Publication date: December 3, 2009
    Applicant: Foundry Networks, Inc.
    Inventors: Andrew Tai-Chin KUO, Ivy Pei-Shan HSU, Jordi MONCADA-ELIAS, Rajkumar JALAN, Gurudeep KAMAT
  • Patent number: 7627654
    Abstract: A system and method that modifies the behavior of the IEEE 802.1D STP standard to thereby decouple the one data domain from the one control domain involves managing multiple spanning tree protocol (STP) instances in a virtual local area network (VLAN). The method includes the step of assigning a unique set of ports within the VLAN to each of the multiple STP instances. Then, each of the multiple STP instances are managed to keep each of the multiple STP instances separate. Finally, when a topology change is detected in one of the multiple STP instances, entries that have been learned on the unique set of ports assigned to the STP protocol instance where the topology change is detected are fast-aged or transitioned from one state to another.
    Type: Grant
    Filed: June 9, 2003
    Date of Patent: December 1, 2009
    Assignee: Foundry Networks, Inc.
    Inventors: Rajiv Ramanathan, Jordi Moncada-Elias
  • Publication number: 20090292943
    Abstract: Techniques for configuring a local repair connection for a protected connection including determining a path for the local repair connection. The path traversed by a local repair connection starts at a node in the path associated with the protected connection and ends at a merge point node in the path associated with the protected connection that is downstream from the start node. In one embodiment, the merge point node may even be more than two hops downstream from the start node in the path associated with the protected connection. The local repair path may include zero or more nodes that are not included in the path associated with the protected connection. Techniques are also described for optimizing the path associated with a local repair connection.
    Type: Application
    Filed: August 2, 2007
    Publication date: November 26, 2009
    Applicant: Foundry Networks, Inc.
    Inventors: Mohammad Hanif, Ivy Hsu
  • Publication number: 20090292942
    Abstract: Techniques for finding an optimized local repair path that may be used to signal a local repair connection for a protected connection. The optimized local repair path starts at a node in the path associated with the protected connection and ends at a merge point node in the path associated with the protected connection that is downstream from the start node. Various techniques may be used for finding an optimized local repair path.
    Type: Application
    Filed: August 2, 2007
    Publication date: November 26, 2009
    Applicant: Foundry Networks, Inc.
    Inventors: Sandeep Bhat, Mohammad Hanif, Sriniwas Polavarapu